The branch, v4-20-stable has been updated
via 74506c7ad6c VERSION: Disable GIT_SNAPSHOT for the 4.20.8 release.
via 5bf75bd8ece WHATSNEW: Add release notes for Samba 4.20.8.
via 02dcd201fd9 vfs_shadow_copy2: Use VFS interface to derive mount
point
via 351bdc71643 ctdb-utils: Fix incorrect FSF address
via cabe5f89975 python:tdb_util: "samba-tool domain backup offline"
hangs
via 47eaf606a44 provision: always use a large transaction index cache
via 848cdca0b53 netcmd: Increase the transaction_index_cache_size to
200k for schemaupgrade
via 96e60f4f0ea s4:ldap_server: Consider ldapi connections to be
encrypted
via dda353c656c s4:ldap_server: Store whether an LDAP connection is
over ldapi
via 018bb7bbbc7 s4:ldap_server: Add copy of non‐privileged ops
specifically for ldapi connections
via 830d10c196f s4:ldap_server: Rename privileged ops to indicate they
are used for ldapi
via e95f6bc6d92 s4:ldap_server: Fix code spelling
via 529615128be s4:ldap_server: Remove trailing whitespace
via b4c8927881a mdssvc: support a few more attributes
via edb719760b1 vfs_gpfs: add gpfs:clamp_invalid_times
via f3d65a377ad ndr: fix coda logic around in ndr_pull_security_ace()
via a74d5beb2ac pytest: add ndr packing tests for security descriptors
via 787ced312a4 vfs_ceph_new:minor logging improvement
via d5483429ee5 vfs_ceph_new: add smbprofile for async-ops
via 6aa52e530c1 vfs_ceph_new: add profiling support
via f26f0ab3aa8 vfs_ceph_new: log open-flags upon release-fh
via f03df137fc5 vfs_ceph_new: improved vfs-opers logging
via 6d68b61c32e vfs_ceph_new: improved mount logging
via 6a09316d29c vfs_ceph_new: improve mount cache-entry add
via 00d505ae38e vfs_ceph_new: improve mount cache-entry ref-count
via 3d934ff47e3 vfs_ceph_new: avoid setting errno in
cephmount_cache_update
via 191d67baead vfs_ceph_new: refactor error-case in cephmount_mount_fs
via 82312356526 vfs_ceph_new: switch to ceph_readdir_r
via 3b3faed2e07 docs_xml/vfs_ceph_new: Add new proxy option
via f176b0374d4 wscript_build: Do not link vfs_ceph_new against
libcephfs
via f74db02aa61 vfs_ceph_new: Use function pointers for API calls
via 022dd9eb42e vfs_ceph_new: Pass module config to userperm helpers
via 8f85064175e vfs_ceph_new: Hold a config reference in vfs_ceph_fh
via 2cc98d39599 vfs_ceph_new: Call vfs_ceph_userperm_new with
handle->conn
via 9a91d70044b vfs_ceph_new: Populate function pointers with addresses
via aac150ebadf vfs_ceph_new: Add required function pointers to config
via ae13462d06f vfs_ceph_new: Dynamically open library for 'proxy' mode
via 67c9da12354 vfs_ceph_new: Introduce new parametric option 'proxy'
via 12137411955 vfs_ceph_new: Add a new struct to hold ceph module
config
via 608d2d55cac vfs_ceph_new: implement DFS hooks using libcephfs
low-level APIs
via 846b8c0d8c7 s4:rpc_server/lsa: let LookupSids* behave like Windows
2022/2025
via 981e6b51e6a libcli/security: let dom_sid_lookup_predefined_sid()
behave like Windows 2008R2
via 1e2291530ef python:tests/dcerpc/lsa: add tests for invalid
LookupSids2 combinations
via a1c2206e6bf s4:pyrpc: allow connections with
raise_result_exceptions=False
via 3e1b15aa6f1 pidl:Python: prepare code to avoid NTSTATUS/WERROR
exceptions
via e7d70c5a337 pidl:Python: handle NTSTATUS/WERROR exceptions first
via 37dee8f89c7 pidl:Python: separate logic to calculate the signature
string
via ba7115254ef pidl:Python: check PyTuple_New() return value
via d1998e201af pidl:Python: initialize pointers and add 'result' at
the end
via b4224ede9ea pidl:Python: introduce $is_raisable_return helper
variable
via b301d10f6da pidl:Python: generate nicer code for PyNdrRpcMethodDef
arrays
via 3dda8cc57f7 s3:auth: let check_sam_security() add
NETLOGON_NTLMV2_ENABLED
via d5a2358e3eb s4:auth/ntlm: let authsam_check_password_internals()
add NETLOGON_NTLMV2_ENABLED
via a0978446adb auth: Cleanup exit code paths in kerberos_decode_pac().
via 79ca540b0a6 auth: Add missing talloc_free() in error code path.
via f2514c60719 VERSION: Bump version up to Samba 4.20.8...
from 3984b04d708 VERSION: Disable GIT_SNAPSHOT for the 4.20.7 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 85 +-
auth/kerberos/kerberos_pac.c | 87 +-
ctdb/utils/pmda/Install | 3 +-
ctdb/utils/pmda/Remove | 3 +-
ctdb/utils/pmda/domain.h | 3 +-
ctdb/utils/pmda/help | 3 +-
ctdb/utils/pmda/pmda_ctdb.c | 3 +-
ctdb/utils/pmda/pmns | 3 +-
docs-xml/manpages/vfs_ceph_new.8.xml | 29 +
docs-xml/manpages/vfs_gpfs.8.xml | 29 +
libcli/security/util_sid.c | 5 +-
librpc/ndr/ndr_sec_helper.c | 5 +-
pidl/lib/Parse/Pidl/Samba4/Python.pm | 157 ++-
python/samba/netcmd/domain/schemaupgrade.py | 6 +-
python/samba/provision/__init__.py | 9 +-
python/samba/tdb_util.py | 5 +-
python/samba/tests/dcerpc/lsa.py | 226 +++-
python/samba/tests/ndr/sd.py | 623 ++++++++++
selftest/tests.py | 1 +
source3/auth/check_samsec.c | 2 +
source3/modules/vfs_ceph_new.c | 1771 +++++++++++++++++++--------
source3/modules/vfs_gpfs.c | 43 +-
source3/modules/vfs_shadow_copy2.c | 31 +-
source3/modules/wscript_build | 2 +-
source3/rpc_server/mdssvc/mdssvc.c | 23 +-
source4/auth/ntlm/auth_sam.c | 1 +
source4/ldap_server/ldap_backend.c | 2 +-
source4/ldap_server/ldap_server.c | 60 +-
source4/ldap_server/ldap_server.h | 9 +-
source4/librpc/rpc/pyrpc.h | 1 +
source4/librpc/rpc/pyrpc_util.c | 27 +-
source4/librpc/rpc/pyrpc_util.h | 2 +-
source4/rpc_server/lsa/lsa_lookup.c | 15 +
34 files changed, 2598 insertions(+), 678 deletions(-)
create mode 100644 python/samba/tests/ndr/sd.py
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 144555f6342..0607444654a 100644
--- a/VERSION
+++ b/VERSION
@@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the
Samba Team 1992-2024"
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=20
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 9f8326ef28b..8a36ecc317f 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,85 @@
+ ==============================
+ Release Notes for Samba 4.20.8
+ March 25, 2025
+ ==============================
+
+
+This is the latest stable release of the Samba 4.20 release series.
+
+
+Changes since 4.20.7
+--------------------
+
+o Jeremy Allison <j...@samba.org>
+ * BUG 15782: winbindd shows memleak in kerberos_decode_pac.
+
+o Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
+ * BUG 15738: Creation of GPOs applicable to more than one group is
impossible
+ with Samba 4.20.0 and later.
+ * BUG 15795: ldb index cache is too small on known large transactions
+ (schemaupgrade, provision).
+
+o Ralph Boehme <s...@samba.org>
+ * BUG 15151: vfs_gpfs silently garbles timestamps > year 2106.
+ * BUG 15796: Spotlight search results don't show file size and creation
date.
+
+o Guenther Deschner <g...@samba.org>
+ * BUG 15703: General improvements for vfs_ceph_new module.
+
+o Andréas Leroux <aler...@tranquil.it>
+ * BUG 15795: ldb index cache is too small on known large transactions
+ (schemaupgrade, provision).
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 14213: Windows Explorer crashes on S-1-22-* Unix-SIDs when accessing
+ security tab.
+ * BUG 15783: NETLOGON_NTLMV2_ENABLED is missing in the SamLogon* user_flags
+ field.
+
+o Anoop C S <anoo...@samba.org>
+ * BUG 15703: General improvements for vfs_ceph_new module.
+ * BUG 15797: Unable to connect to CephFS subvolume shares with
+ vfs_shadow_copy2.
+
+o Martin Schwenke <mschwe...@ddn.com>
+ * BUG 15820: Incorrect FSF address in ctdb pcp scripts.
+
+o Shachar Sharon <ssha...@redhat.com>
+ * BUG 15703: General improvements for vfs_ceph_new module.
+
+o Shweta Sodani <ssod...@redhat.com>
+ * BUG 15703: General improvements for vfs_ceph_new module.
+
+o Jo Sutton <josut...@catalyst.net.nz>
+ * BUG 15634: unicodePwd cannot be modified over ldapi.
+
+o Andrea Venturoli <m...@netfence.it>
+ * BUG 15804: "samba-tool domain backup offline" hangs.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
==============================
Release Notes for Samba 4.20.7
January 21, 2025
@@ -65,8 +147,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.6
November 19, 2024
diff --git a/auth/kerberos/kerberos_pac.c b/auth/kerberos/kerberos_pac.c
index b6272ac15eb..4c61cfe838f 100644
--- a/auth/kerberos/kerberos_pac.c
+++ b/auth/kerberos/kerberos_pac.c
@@ -137,7 +137,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
time_t tgs_authtime,
struct PAC_DATA **pac_data_out)
{
- NTSTATUS status;
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
enum ndr_err_code ndr_err;
krb5_error_code ret;
DATA_BLOB modified_pac_blob;
@@ -173,8 +173,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
kdc_sig_wipe = talloc(tmp_ctx, struct PAC_SIGNATURE_DATA);
srv_sig_wipe = talloc(tmp_ctx, struct PAC_SIGNATURE_DATA);
if (!pac_data_raw || !pac_data || !kdc_sig_wipe || !srv_sig_wipe) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto out;
}
ndr_err = ndr_pull_struct_blob(&pac_data_blob, pac_data, pac_data,
@@ -183,15 +183,14 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
if (pac_data->num_buffers < 4) {
/* we need logon_info, service_key and kdc_key */
DEBUG(0,("less than 4 PAC buffers\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
ndr_err = ndr_pull_struct_blob(
@@ -201,15 +200,14 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
if (pac_data_raw->num_buffers < 4) {
/* we need logon_info, service_key and kdc_key */
DEBUG(0,("less than 4 PAC buffers\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (pac_data->num_buffers != pac_data_raw->num_buffers) {
@@ -217,8 +215,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
DEBUG(0, ("misparse! PAC_DATA has %d buffers while "
"PAC_DATA_RAW has %d\n", pac_data->num_buffers,
pac_data_raw->num_buffers));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
for (i=0; i < pac_data->num_buffers; i++) {
@@ -229,8 +227,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
DEBUG(0, ("misparse! PAC_DATA buffer %d has type "
"%d while PAC_DATA_RAW has %d\n", i,
data_buf->type, raw_buf->type));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
switch (data_buf->type) {
case PAC_TYPE_LOGON_INFO:
@@ -263,26 +261,26 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
if (!logon_info) {
DEBUG(0,("PAC no logon_info\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!logon_name) {
DEBUG(0,("PAC no logon_name\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!srv_sig_ptr || !srv_sig_blob) {
DEBUG(0,("PAC no srv_key\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!kdc_sig_ptr || !kdc_sig_blob) {
DEBUG(0,("PAC no kdc_key\n"));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
/* Find and zero out the signatures,
@@ -297,8 +295,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the KDC signature: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
ndr_err = ndr_pull_struct_blob(
@@ -308,8 +305,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the SRV signature: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
/* Now zero the decoded structure */
@@ -326,8 +322,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't repack the KDC signature: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
ndr_err = ndr_push_struct_blob(
srv_sig_blob, pac_data_raw, srv_sig_wipe,
@@ -336,8 +331,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't repack the SRV signature: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
/* push out the whole structure, but now with zero'ed signatures */
@@ -348,8 +342,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't repack the RAW PAC: %s\n",
nt_errstr(status)));
- talloc_free(tmp_ctx);
- return status;
+ goto out;
}
if (service_keyblock) {
@@ -360,7 +353,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
if (ret) {
DEBUG(5, ("PAC Decode: Failed to verify the service "
"signature: %s\n", error_message(ret)));
- return NT_STATUS_ACCESS_DENIED;
+ status = NT_STATUS_ACCESS_DENIED;
+ goto out;
}
if (krbtgt_keyblock) {
@@ -370,8 +364,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
if (ret) {
DEBUG(1, ("PAC Decode: Failed to verify the KDC
signature: %s\n",
smb_get_krb5_error_message(context,
ret, tmp_ctx)));
- talloc_free(tmp_ctx);
- return NT_STATUS_ACCESS_DENIED;
+ status = NT_STATUS_ACCESS_DENIED;
+ goto out;
}
}
}
@@ -387,8 +381,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
nt_time_string(tmp_ctx,
logon_name->logon_time)));
DEBUG(2, ("PAC Decode: Ticket: %s\n",
nt_time_string(tmp_ctx,
tgs_authtime_nttime)));
- talloc_free(tmp_ctx);
- return NT_STATUS_ACCESS_DENIED;
+ status = NT_STATUS_ACCESS_DENIED;
+ goto out;
}
}
@@ -400,8 +394,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
if (ret) {
DEBUG(2, ("Could not unparse name from ticket to match
with name from PAC: [%s]:%s\n",
logon_name->account_name,
error_message(ret)));
- talloc_free(tmp_ctx);
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
bool_ret = strcmp(client_principal_string,
logon_name->account_name) == 0;
@@ -412,8 +406,8 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
logon_name->account_name,
client_principal_string));
SAFE_FREE(client_principal_string);
- talloc_free(tmp_ctx);
- return NT_STATUS_ACCESS_DENIED;
+ status = NT_STATUS_ACCESS_DENIED;
+ goto out;
}
SAFE_FREE(client_principal_string);
@@ -434,10 +428,15 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
}
if (pac_data_out) {
- *pac_data_out = talloc_steal(mem_ctx, pac_data);
+ *pac_data_out = talloc_move(mem_ctx, &pac_data);
}
- return NT_STATUS_OK;
+ status = NT_STATUS_OK;
+
+ out:
+
+ TALLOC_FREE(tmp_ctx);
+ return status;
}
NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
diff --git a/ctdb/utils/pmda/Install b/ctdb/utils/pmda/Install
index a56a63506a8..bd12b7486cf 100644
--- a/ctdb/utils/pmda/Install
+++ b/ctdb/utils/pmda/Install
@@ -13,8 +13,7 @@
# for more details.
#
# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# with this program; if not, see <https://www.gnu.org/licenses/>.
#
# Install the ctdb PMDA and/or PMNS
#
diff --git a/ctdb/utils/pmda/Remove b/ctdb/utils/pmda/Remove
index 7d1c509e50e..8bf0fe76e15 100644
--- a/ctdb/utils/pmda/Remove
+++ b/ctdb/utils/pmda/Remove
@@ -13,8 +13,7 @@
# for more details.
#
# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# with this program; if not, see <https://www.gnu.org/licenses/>.
#
# Remove the ctdb PMDA
#
diff --git a/ctdb/utils/pmda/domain.h b/ctdb/utils/pmda/domain.h
index 0bed7fef599..b00d32d90dc 100644
--- a/ctdb/utils/pmda/domain.h
+++ b/ctdb/utils/pmda/domain.h
@@ -13,7 +13,6 @@
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#define CTDB 110
diff --git a/ctdb/utils/pmda/help b/ctdb/utils/pmda/help
index 0e9984eab3a..26b5385b0da 100644
--- a/ctdb/utils/pmda/help
+++ b/ctdb/utils/pmda/help
@@ -12,8 +12,7 @@
# for more details.
#
# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+# with this program; if not, see <https://www.gnu.org/licenses/>.
#
# ctdb PMDA help file in the ASCII format
#
diff --git a/ctdb/utils/pmda/pmda_ctdb.c b/ctdb/utils/pmda/pmda_ctdb.c
index 4f7933de9c5..7ac8a3b38d1 100644
--- a/ctdb/utils/pmda/pmda_ctdb.c
+++ b/ctdb/utils/pmda/pmda_ctdb.c
@@ -15,8 +15,7 @@
* for more details.
*
* You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#include "replace.h"
diff --git a/ctdb/utils/pmda/pmns b/ctdb/utils/pmda/pmns
index dc7e3ac2bfa..c9f6644d52f 100644
--- a/ctdb/utils/pmda/pmns
+++ b/ctdb/utils/pmda/pmns
@@ -15,8 +15,7 @@
* for more details.
*
* You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * with this program; if not, see <https://www.gnu.org/licenses/>.
*/
ctdb {
diff --git a/docs-xml/manpages/vfs_ceph_new.8.xml
b/docs-xml/manpages/vfs_ceph_new.8.xml
index b0640a591a5..eaf5b66cceb 100644
--- a/docs-xml/manpages/vfs_ceph_new.8.xml
+++ b/docs-xml/manpages/vfs_ceph_new.8.xml
@@ -152,6 +152,35 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>ceph_new:proxy = [ yes | no | auto ]</term>
+ <listitem>
+ <para>
+ Allows one to indicate use of the libcephfs proxy
library
+ for optimized resource utilization, allowing more
simultaneous
+ client connections. Prerequisites include the presence
of
+ <emphasis>libcephfs_proxy.so.X</emphasis> shared
library file
+ under loadable locations for dynamic linker and an
active(running)
+ <emphasis>libcephfsd</emphasis> daemon.
+ </para>
+
+ <itemizedlist>
+ <listitem><para><constant>no</constant> (default) - Do
+ not use the proxy library but regular connection through
+ <emphasis>libcephfs.so.X</emphasis>.</para></listitem>
+
+ <listitem><para><constant>yes</constant> - Always use
+ the proxy library and fail the client connection request
+ if prerequisites are unmet.</para></listitem>
+
+ <listitem><para><constant>auto</constant> - Attempt to
+ use the proxy library but fall back to the regular
cephfs
+ connection if prerequisites are unmet.</para></listitem>
+
+ </itemizedlist>
+
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
diff --git a/docs-xml/manpages/vfs_gpfs.8.xml b/docs-xml/manpages/vfs_gpfs.8.xml
index 29f2ac453f0..cee12cd3f94 100644
--- a/docs-xml/manpages/vfs_gpfs.8.xml
+++ b/docs-xml/manpages/vfs_gpfs.8.xml
@@ -316,6 +316,35 @@
</varlistentry>
+ <varlistentry>
+ <term>gpfs:clamp_invalid_times = [ yes | no ]</term>
+ <listitem>
+ <para>
+ GPFS stores timestamps using 32-bit unsigned integers for the
+ seconds component. When using gpfs:settimes = yes, this module
+ validates times that clients attempt to set are within the
+ supported GPFS range between 0 and UINT32_MAX. If a timestamp is
+ outside of this range, the client request is rejected. To cope
+ with clients setting eg temporary timestamps outside the valid
+ range, this parameter can be used to clamp the client timestamp
+ to the allowed range. Times before Thu Jan 1 12:00:00 AM UTC
+ 1970 (the UNIX epock) are then set to Thu Jan 1 12:00:00 AM UTC
+ 1970, times after Sun Feb 7 06:28:15 AM UTC 2106 will be set to
+ Sun Feb 7 06:28:15 AM UTC 2106.
--
Samba Shared Repository
